COMPLIANCE ALERT: SAY GOODBYE TO 2003
November 12, 2014
Heavily regulated industries, like Financial, Healthcare, Legal and Government agencies, need to stay on top of an ever changing landscape of rules and regulations. Many of these are geared towards reducing security and privacy threats. The latest “land slide” comes from a familiar source. Microsoft has announced the end of support for Windows Server 2003 on July 14, 2015.
Understand what that can equate to: NO updates + NO support = NO compliance.
For some organizations, taking the risk of staying with 2003 is within their risk tolerance. Regulated industries really don’t have a choice. Staying with 2003 after July 14th could lead to:
- Disconnects – no longer able to work and communicate with interdependent vendors, clients and partners.
- Failed audits – auditors hate added risk; without updates and support, critical data could be at risk.
- Fines and penalties – security and privacy vulnerabilities could lead to data breach consequences.
July 2015 may sound like a long time away. But if you are a regulated organization still running Windows Server 2003, start thinking about what it’s going to take to move to Server 2008 or beyond. Here is a very high level look at what should be included in your plan:
- Inventory – Collecting and understanding your current IT Infrastructure:
- File, Web, Email, Active Directory, Terminal Services and Application servers
- Business continuity and test environments too!
- Email, databases and web servers.
- Third-party workflow, storage and practice management.
- Custom built, in-house applications.
- Impact Analysis – Confirm your compliance needs and how they drive your IT infrastructure needs:
- Understand regulatory workflows and commitments.
- Categorize infrastructure and applications.
- Assess ability to “upgrade” or need to rebuild from scratch.
- Prioritize risk and workload.
- Road-map – chose your destination(s) and map a course:
- Upgrading in-house – Physical vs. virtual.
- Upgrading in the cloud – Public, private or hybrid.
- Select vendors and partners for some heavy lifting.
- Implement – Develop a project plan to make it all happen by July 14, 2015!
- Test independently.
- Test and integrate with interdependent systems.
- What’s a good cut over date for the least impact??
With a single critical application server often requiring 2 to 3 months for all of these steps, July 14th doesn’t seem far enough away anymore, eh?
‘Tis the season – budget season! With many companies currently developing their 2015 business plans, the time is right to incorporate a Windows Server 2003 migration plan.
If this news interests you, then it’s probably worth investigating what Site2 has to offer.